Secure dynamic adaptive traffic masking techniques for traffic flow confidentiality on internetworks

As mission critical communication increases on open internetworks, there is a growing need for end-to-end protection from traffic analysis. This additional protection can be expensive and detrimental to performance when padding is used to mask traffic patterns. Traffic masking policies that are responsive to system service requirements can improve performance and lower cost. However, adaptive traffic masking has to balance performance requirements with system protection requirements and thus address the information leaks that result from adaptations. This dissertation introduces secure dynamically adaptive traffic masking (S-DATM) techniques, defines a new security model for S-DATM (SMD), and presents a framework for an S-DATM proof of concept module implemented in SMTP. SMD is a new security model for adaptive traffic masking that satisfies system requirements for protection, efficiency, and performance. SMD is based on a probabilistic state machine formulation. It allows secure trade-offs among protection, efficiency, and performance as well as specifying the security requirements for S-DATM mechanisms. Mechanisms that utilize S-DATM techniques can integrate into existing security protocols to provide end-to-end protection that is scalable to internetworks. S-DATM detects and prevents, or limits, information leaks caused by dynamic adaptation. An important contribution of the dissertation is an analysis of the trade-offs that can be utilized for improved performance and/or efficiency while maintaining control of the degree of protection. S-DATM techniques provide parameters that can be tuned to meet system needs both in the implementation stage and dynamically.